AN„R
Company Details
Linkedin ID:
apele-romane
Website:
Employees number:
55
Number of followers:
108
NAICS:
92
Industry Type:
Homepage:
rowater.ro
IP Addresses:
0
Company ID:
ADM_1103001
Scan Status:
In-progress
Administrația Națională „Apele Române” Company CyberSecurity Posture
rowater.ro
None
Administrația Națională „Apele Române” A.I CyberSecurity Scoring
AN„R Risk Score (AI oriented)Between 600 and 649
AN„R
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
AN„R Global Score (TPRM)XXXX
AN„R
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
AN„R Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Apele Române: Romania investigates large scale cyber attack on national water body
Ransomware
Rankiteo Explanation
Attack threatening the economy of geographical region
Description: **Romania Investigates Major Ransomware Attack on National Water Authority** On December 24, 2025, Romanian authorities confirmed a large-scale ransomware attack targeting *Apele Române*, the country’s national water administration. The attack encrypted approximately 1,000 IT systems across regional water basin offices, disrupting email systems, databases, servers, and workstations. Threat actors exploited Microsoft’s BitLocker tool to lock files and issued a ransom demand, requiring contact within seven days. However, Romanian cybersecurity officials have refused to engage with the attackers. Despite the IT disruptions, operational technology—including hydrotechnical infrastructure and critical water management systems—remained unaffected, allowing flood defense operations to continue normally. Staff relied on radio and telephone communications to maintain coordination during the recovery effort. The National Directorate of Cyber Security and the Romanian Intelligence Service’s cyber center are leading the investigation and system restoration. Authorities are also working to integrate water infrastructure into the state’s cyber protection framework. The incident highlights the growing trend of ransomware groups targeting essential public utilities, underscoring the need for enhanced resilience and identity controls in critical sectors.
AN„R Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for AN„R
Incidents vs Government Administration Industry Average (This Year)
Administrația Națională „Apele Române” has 19.05% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
Administrația Națională „Apele Române” has 28.21% more incidents than the average of all companies with at least one recorded incident.
Incident Types AN„R vs Government Administration Industry Avg (This Year)
Administrația Națională „Apele Române” reported 1 incidents this year: 0 cyber attacks, 1 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — AN„R (X = Date, Y = Severity)
AN„R cyber incidents detection timeline including parent company and subsidiaries
AN„R Company Subsidiaries
None
Loading...
AN„R Similar Companies
City of Tallinn
Tallinn is the capital of Estonia. The mission of the city organization is to make Tallinn the best place to live for the people staying here, the desired destination for people arriving here, and a good place of departure for people who start here. For this purpose, the management of Tallinn as a
Ministero dell'Interno
Il ministero dell'Interno è una struttura complessa il cui assetto organizzativo è disciplinato dal D.L.vo n. 300/99 e dai provvedimenti attuativi. A livello centrale, si articola in uffici di diretta collaborazione con il ministro (D.P.R. n. 98/2002) e cinque dipartimenti (D.P.R. n. 398/2001 e succ
US Environmental Protection Agency (EPA)
U.S. Environmental Protection Agency’s (EPA) mission is to protect human health and the environment. EPA works to ensure that: - Americans have clean air, land and water; - National efforts to reduce environmental risks are based on the best available scientific information; - Federal laws protecti
FDA
The Food and Drug Administration is an agency within the Department of Health and Human Services. The FDA is responsible for protecting the public health by ensuring the safety, efficacy, and security of human and veterinary drugs, biological products, and medical devices; and by ensuring the safet
Rijksoverheid
Op vrijwel alle werkterreinen en functieniveaus biedt de Rijksoverheid leuke en boeiende banen. Vacatures zijn bovendien in heel Nederland te vinden. Waar voor jou precies de mogelijkheden liggen hangt onder andere samen met je vooropleiding. Zowel met een mbo- of hbo-diploma als met een universitai
Ministère de l'Éducation nationale
Page officielle du ministère de l'Éducation nationale. Retrouvez toute l'information sur www.education.gouv.fr, twitter.com/education_gouv, facebook.com/education.gouv et dans nos lettres d'informations (bulletin hebdo et lettre education.gouv.fr). --------------------------------------------------
U.S. Department of the Treasury
The Treasury Department is the executive agency responsible for promoting economic prosperity and ensuring the financial security of the United States. The Department is responsible for a wide range of activities such as advising the President on economic and financial issues, encouraging sustainabl
Texas Health and Human Services
Overview The Texas Health and Human Services Commission (HHSC) is an agency within the Texas Health and Human Services System. In September 2016, Texas began transforming how it delivers health and human services to qualified Texans, with a goal of making the Health and Human Services System more ef
Ville de Montréal
Montréal est la plus grande ville francophone d’Amérique et elle se distingue par sa vitalité culturelle exceptionnelle et des forces créatrices reconnues mondialement. Elle se développe un peu plus chaque jour en une ville contemporaine, inclusive et dynamique sur les plans économique, culturel
.png)
AN„R CyberSecurity News
December 23, 2025 05:12 PM
Ransomware attack disrupts Romania’s national water authority
Romania's National Directorate for Cyber Security reported a significant ransomware attack that compromised approximately 1,000 IT systems...
December 23, 2025 04:25 PM
Romania’s Water Authority Hit by Ransomware, Disrupting Systems Nationwide
In the early hours of December 20, Romania's national water authority, Romanian Waters (Administrația Națională Apele Române),...
December 23, 2025 03:39 PM
DDoS Attack on France Post La Poste and BitLocker ransomware attack on Romania Water
A major DDoS attack targeted France's La Poste, causing postal and digital service disruptions and raising concerns over national...
December 23, 2025 03:29 PM
Romania's cybersecurity agency confirms ransomware attack on water management systems
Romania's National Cyber Security Directorate (DNSC) has confirmed a major ransomware attack on the country's water management agency,...
December 23, 2025 03:05 PM
Cyber Threats - Romania’s national water authority hit by ransomware attack affecting about 1,000 systems
Romania's national water management authority, Administrația Națională Apele Române, was struck by a ransomware attack over the weekend that...
December 23, 2025 01:43 PM
Ransomware Hits Romanian Water Authority, 1000 Systems Knocked Offline
Romania's national water authority, Romanian Waters (Administrația Națională Apele Române), is currently working to recover from a major...
December 22, 2025 03:25 PM
Romanian water authority hit by ransomware attack over weekend
Romanian Waters (Administrația Națională Apele Române), the country's water management authority, was hit by a ransomware attack over the...
December 22, 2025 12:13 PM
Around 1,000 systems compromised in ransomware attack on Romanian water agency
Romania's cybersecurity agency confirms a major ransomware attack on the country's water management administration has compromised around...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
AN„R CyberSecurity History Information
Official Website of Administrația Națională „Apele Române”
The official website of Administrația Națională „Apele Române” is www.rowater.ro.
Administrația Națională „Apele Române”’s AI-Generated Cybersecurity Score
According to Rankiteo, Administrația Națională „Apele Române”’s AI-generated cybersecurity score is 637, reflecting their Poor security posture.
How many security badges does Administrația Națională „Apele Române”’ have ?
According to Rankiteo, Administrația Națională „Apele Române” currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Administrația Națională „Apele Române” have SOC 2 Type 1 certification ?
According to Rankiteo, Administrația Națională „Apele Române” is not certified under SOC 2 Type 1.
Does Administrația Națională „Apele Române” have SOC 2 Type 2 certification ?
According to Rankiteo, Administrația Națională „Apele Române” does not hold a SOC 2 Type 2 certification.
Does Administrația Națională „Apele Române” comply with GDPR ?
According to Rankiteo, Administrația Națională „Apele Române” is not listed as GDPR compliant.
Does Administrația Națională „Apele Române” have PCI DSS certification ?
According to Rankiteo, Administrația Națională „Apele Române” does not currently maintain PCI DSS compliance.
Does Administrația Națională „Apele Române” comply with HIPAA ?
According to Rankiteo, Administrația Națională „Apele Române” is not compliant with HIPAA regulations.
Does Administrația Națională „Apele Române” have ISO 27001 certification ?
According to Rankiteo,Administrația Națională „Apele Române” is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Administrația Națională „Apele Române”
Administrația Națională „Apele Române” operates primarily in the Government Administration industry.
Number of Employees at Administrația Națională „Apele Române”
Administrația Națională „Apele Române” employs approximately 55 people worldwide.
Subsidiaries Owned by Administrația Națională „Apele Române”
Administrația Națională „Apele Române” presently has no subsidiaries across any sectors.
Administrația Națională „Apele Române”’s LinkedIn Followers
Administrația Națională „Apele Române”’s official LinkedIn profile has approximately 108 followers.
NAICS Classification of Administrația Națională „Apele Române”
Administrația Națională „Apele Române” is classified under the NAICS code 92, which corresponds to Public Administration.
Administrația Națională „Apele Române”’s Presence on Crunchbase
No, Administrația Națională „Apele Române” does not have a profile on Crunchbase.
Administrația Națională „Apele Române”’s Presence on LinkedIn
Yes, Administrația Națională „Apele Române” maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/apele-romane.
Cybersecurity Incidents Involving Administrația Națională „Apele Române”
As of December 24, 2025, Rankiteo reports that Administrația Națională „Apele Române” has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Administrația Națională „Apele Române” has an estimated 11,767 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Administrația Națională „Apele Române” ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
How does Administrația Națională „Apele Române” detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an remediation measures with restoring systems..
Incident Details
Can you provide details on each incident ?
Title: Ransomware Attack on Romanian National Water Administration
Description: Authorities in Romania confirmed a severe ransomware attack on the national water administration ‘Apele Române’, encrypting around 1,000 IT systems across most regional water basin offices. Attackers used Microsoft’s BitLocker tool to lock files and issued a ransom note demanding contact within seven days. The disruption affected email systems, databases, servers, and workstations but did not impact operational technology or critical water management systems.
Date Detected: 2025-12-24
Date Publicly Disclosed: 2025-12-24
Type: ransomware
Motivation: financial gain
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : ransomware APE1766599000
Systems Affected: 1000 IT systems (email, databases, servers, workstations)
Operational Impact: Disruption to administrative systems; no impact on hydrotechnical structures or critical water management
Which entities were affected by each incident ?
Incident : ransomware APE1766599000
Entity Name: Apele Române
Entity Type: government agency
Industry: water management
Location: Romania
Response to the Incidents
What measures were taken in response to each incident ?
Incident : ransomware APE1766599000
Remediation Measures: Restoring systems
Data Breach Information
What type of data was compromised in each breach ?
Incident : ransomware APE1766599000
Data Encryption: Yes (using Microsoft BitLocker)
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Restoring systems.
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : ransomware APE1766599000
Ransom Demanded: Contact within seven days
Ransom Paid: No (officials rejected negotiation)
Data Encryption: Yes
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : ransomware APE1766599000
Lessons Learned: Ransomware groups increasingly target essential utilities, making resilience and identity controls a strategic priority. Water infrastructure is now being included in the state cyber protection framework.
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are Ransomware groups increasingly target essential utilities, making resilience and identity controls a strategic priority. Water infrastructure is now being included in the state cyber protection framework.
References
Where can I find more information about each incident ?
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: News articleDate Accessed: 2025-12-24.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : ransomware APE1766599000
Investigation Status: Ongoing
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : ransomware APE1766599000
Corrective Actions: Including water infrastructure within the state cyber protection framework
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Including water infrastructure within the state cyber protection framework.
Additional Questions
General Information
Has the company ever paid ransoms ?
Ransom Payment History: The company has Paid ransoms in the past.
What was the amount of the last ransom demanded ?
Last Ransom Demanded: The amount of the last ransom demanded was Contact within seven days.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2025-12-24.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-12-24.
Impact of the Incidents
Ransomware Information
What was the highest ransom demanded in a ransomware incident ?
Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was Contact within seven days.
What was the highest ransom paid in a ransomware incident ?
Highest Ransom Paid: The highest ransom paid in a ransomware incident was No (officials rejected negotiation).
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Ransomware groups increasingly target essential utilities, making resilience and identity controls a strategic priority. Water infrastructure is now being included in the state cyber protection framework.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is News article.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
.png)
Latest Global CVEs (Not Company-Specific)
Description
httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd.
Risk Information
cvss4
Base: 8.8
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. In versions 0.15.2 and prior, an RCE vulnerability exists in useMarkdown.ts, where the markdown-it-mermaid plugin is initialized with securityLevel: 'loose'. This configuration explicitly permits the rendering of HTML tags within Mermaid diagram nodes. This issue has not been patched at time of publication.
Risk Information
cvss3
Base: 9.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Description
continuwuity is a Matrix homeserver written in Rust. Prior to version 0.5.0, this vulnerability allows a remote, unauthenticated attacker to force the target server to cryptographically sign arbitrary membership events. The flaw exists because the server fails to validate the origin of a signing request, provided the event's state_key is a valid user ID belonging to the target server. This issue has been patched in version 0.5.0. A workaround for this issue involves blocking access to the PUT /_matrix/federation/v2/invite/{roomId}/{eventId} endpoint using the reverse proxy.
Risk Information
cvss4
Base: 9.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
LangChain is a framework for building LLM-powered applications. Prior to @langchain/core versions 0.3.80 and 1.1.8, and prior to langchain versions 0.3.37 and 1.2.3, a serialization injection vulnerability exists in LangChain JS's toJSON() method (and subsequently when string-ifying objects using JSON.stringify(). The method did not escape objects with 'lc' keys when serializing free-form data in kwargs. The 'lc' key is used internally by LangChain to mark serialized objects. When user-controlled data contains this key structure, it is treated as a legitimate LangChain object during deserialization rather than plain user data. This issue has been patched in @langchain/core versions 0.3.80 and 1.1.8, and langchain versions 0.3.37 and 1.2.3
Risk Information
cvss3
Base: 8.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
References
- https://github.com/langchain-ai/langchainjs/commit/e5063f9c6e9989ea067dfdff39262b9e7b6aba62
- https://github.com/langchain-ai/langchainjs/releases/tag/%40langchain%2Fcore%401.1.8
- https://github.com/langchain-ai/langchainjs/releases/tag/langchain%401.2.3
- https://github.com/langchain-ai/langchainjs/security/advisories/GHSA-r399-636x-v7f6
Description
LangChain is a framework for building agents and LLM-powered applications. Prior to versions 0.3.81 and 1.2.5, a serialization injection vulnerability exists in LangChain's dumps() and dumpd() functions. The functions do not escape dictionaries with 'lc' keys when serializing free-form dictionaries. The 'lc' key is used internally by LangChain to mark serialized objects. When user-controlled data contains this key structure, it is treated as a legitimate LangChain object during deserialization rather than plain user data. This issue has been patched in versions 0.3.81 and 1.2.5.
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
References
- https://github.com/langchain-ai/langchain/commit/5ec0fa69de31bbe3d76e4cf9cd65a6accb8466c8
- https://github.com/langchain-ai/langchain/commit/d9ec4c5cc78960abd37da79b0250f5642e6f0ce6
- https://github.com/langchain-ai/langchain/pull/34455
- https://github.com/langchain-ai/langchain/pull/34458
- https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D0.3.81
- https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D1.2.5
- https://github.com/langchain-ai/langchain/security/advisories/GHSA-c67j-w6g6-q2cm
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=apele-romane' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
